Normally, breaking a PC’s security involves either finding security exploits or launching brute force attacks, neither of which is necessarily quick or easy. However, a team at Tel Aviv University has come up with a potentially much simpler way to swipe data from a computer: touch it. If you make contact with a PC while you’re wearing a digitizer wristband, you can measure tiny changes in electrical potential that reveal even stronger encryption keys (such as a 4,096-bit RSA key). You don’t even have to touch the system directly in some cases — researchers also intercepted keys from attached network and video cables.
Don’t worry about overly grabby strangers stealing your data just yet. The technique primarily focuses on GnuPG’s encryption software, which already has a patch to limit the effects. Thieves also have to monitor the electricity while decryption is taking place, so they can’t just grab info on demand. However, the very nature of the technique makes it difficult to stop completely — unless you’re a fan of insulation and Faraday cages, someone with physical access to your system may always have an opportunity to peek into your most sensitive content.
Filed under: Science
Source: Tel Aviv University
Source: Engadget Full RSS Feed http://ift.tt/YPhsLl